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REMARKS 

Reconsideration and further examination are respectfully requested. 
Drawings: 

The drawings were objected to for various informalities. Applicant has endeavored to 
amend the drawings to overcome the informalities described in paragraphs 3 and 4 of the office 
action. For example, Figure 1 has been amended to include the PRIOR ART indicator and to 
remove the legends "(a VPN A" and "(£. VPN B", as well as the legends VPN A and VPN B in 
the Virtual Route Forwarding Tables. Figure 2 has been amended to add the element number 
'20' and indicator arrow directed at the system of Figure 2. Element number 21 has been added 
next to the 'destination' element, and element number 23 has been moved to the 'source' 
element. Figure 3 has been amended to delete element 33. Figure 4 has been amended to add 
step 102 (for downloading keys) as well as to complete the decision loop and provide 'YES' 
'NO' labels for step 105. 

With regard to the Examiner's objection of in paragraph 5, Applicant has amended the 
flow diagrams to include the 'Yes' and 'No' indicators for step 208. However Applicant is 
unclear with regard to the Examiner's statement that 'in Figure 5, the steps of downloading the 
key to the member as well as auto-discovering the other members, as described in the 
specification...' 

Applicant has amended the specification to more clearly show that the steps that are taken 
in Figure 4 refer to actions performed by the S/R, while steps in the process of Figure 5 reflect a 
process from a group member standpoint. With regard to the auto-discovery step, auto-discovery 
is described as being performed by the S/R, in the event that the member does not forward a 
member list during discovery. Whether the members are identified via a member list received 
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by the S/R, or via auto-discovery performed by the S/R, the member receives the UPDATES 
including reflected routes from the S/R, as shown in new step 205 in Figure 5. Applicant 
respectfully submits that the Examiner's objections have been overcome. Applicant has 
submitted herewith both an annotated version of the drawings, illustrating changes made to 
overcome the rejections, as well as a set of replacement drawings. No new matter has been 
added by way of the amendments to the figures. 

Specification : 

The specification was objected to for various informalities. Applicant has endeavored to 
amend the specification to correct the informalities identified by the Examiner, as well as to 
correct any informalities identified by the Applicant. Applicant submits herewith a clean version 
of a substitute specification, and a marked up version of a substitute specification which 
illustrates changes made. In view of these amendments, it is respectfully requested that the 
rejection be withdrawn. The Examiner is thanked for the careful review of the specification and 
drawings. 

The specification was also objected to the 'incorporation of essential material,' with 
regard to the Applicant's use of the incorporation by reference of several documents. In one 
instance, Applicant has amended the specification to incorporate certain text of RFC 1771, 
previously incorporated by reference. No new matter was added by this amendment. 
With regard to other material, Applicant respectfully traverses the Examiner's characterization of 
the incorporation by reference of referring to 'essential material', and submit that in all of the 
instances identified by the Examiner, application has provided, within the specification itself, a 
written description of the claimed invention, and of the manner and process of making and using 
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it, in such full, clear, concise, and exact terms as to enable any person skilled in the art to which 

it pertains, or with which it is most nearly connected, to make and use the same, and set forth the 

best mode contemplated by the inventor of carrying out the invention as required by the first 

paragraph of 35 U.S.C. 1 12. For example, with regard to auto-discovery, Applicant has clearly 

described, on pages 10 - 1 1 of Applicant's specification, the steps and fields of a BGP packet 

that are used to enable auto-discovery. In addition, the examiner's statement, at page 8 of the 

office action that the Applicant has not fully described 'means for assigning a security 

association to the group' ignores the teaching on page 7, of : 

"... a Security Association (SA) is a set of policy and cryptographic keys that provide 
security services to network traffic that matches that policy. A SA typically includes 
selectors, properties, cryptographic policy, and keys. The selectors include source and 
destination transport addresses. The properties include ... a security parameters index or 
cookie pair, and identities. Cryptographic policy includes the algorithms, modes, key 
lifetimes, and key lengths used for authentication or confidentiality. The keys include the 
authentication, encryption and signing keys. . . 

Group Security Associations (GSAs) are a bunding of SAs that together define 
how a group communicates securely. The GSA may include, for example, a registration 
key, a rekey protocol SA, and one or more data security protocol SAs. . . The GSA 
includes . . .group policy attributes. . .multiple SAs. . . may be used for independent 
purposes. For example, three types of SAs which are generally needed for 
communication are Registration SAs, allowing a group member to register with the 
GCKS, Re-Key SAs, allowing the GCKS to forward new keys to all group members, and 
Data Security SAs, which protect data between sending and receiving members of the 
group..." 



It should not be ignored that the specification is drafted for 'one of skill in the art.' 
Applicant respectfully submits that no more than what is already contained in the specification is 
needed to enable one of skill in the art to assign a security association to the group. 

Accordingly, for at least these reasons it is requested that the rejection be withdrawn. 
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Objections to the claims 

The claims were objected to as being overcrowded. Applicant has submitted the above 
set of claims to replace the filed set, and note that this objection has been overcome. 

Claims 1, 10-12, 14 and 17 were objected to for various informalities. Applicant notes 
that claims 14-17 have been cancelled and the other claims have been amended to remedy the 
informalities. Accordingly it is requested that the objection to the claims be withdrawn. The 
Examiner is thanked for the careful review of the claims. 



Rejections under 35 U.S.C. S. 1 12, first paragraph 

The Examiner rejected claims 14-17 as failing to comply with the written enablement 
requirement, in particular for failing to describe 'means for assigning security association to a 
group' and 'auto discovery means'. Applicant has cancelled the claims, and thus the rejection is 



However, Applicant does believe that sufficient support has been provided within the 

specification itself to enable one of skill in the art to 'assign security association' to a group, as 

well as to implement an 'auto-discovery' process. For example, auto-discovery is described in 

detail at pages 10-1 1 of Applicant's specification as: 

. . .group identifier information associated with the NLRI of a member is encoded either 
as a specific attribute of the NLRI, as a part of the NLRI, or both. It should be understood 
that, although this embodiment describes the use of the NLRI field for BGP-4 protocol, 
this is for purposes of illustration only. Other embodiments, where the S/R issues any 
other type of message or groups of messages capable of indicating that it is seeking 
information regarding routes for members of a specific, indicated group may alternatively 
be used and are also taught herein, and the present invention is limited to no specific 
embodiment. 

During Auto-Discovery at step 110, UPDATE messages are forwarded to each of the 
coupled devices, with the UPDATE message including the group identifier, and proceeds 
to step 105 to await receipt of route information. Other members within the group, 
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receive the UPDATE message, and, if they are part of the indicated group, return route 
information to the S/R 30 for each of the devices in it's autonomous system. As above, 
when route information is received at the S/R, the S/R advantageously secures this 
information and forwards it to all other identified members of the group. The process 
then proceeds to step 105, to await new routing information. . ." 

Accordingly, for at least the reason that the claimed steps are described in Applicant's 
specification in a manner sufficient to enable one of skill in the art to implement the steps, it is 
requested that the rejection under 35 U.S.C. S. 112, first paragraph be withdrawn. 

Rejections under 35 U.S.C. S. 1 12, second paragraph 

Claims 1-17 were rejected under 35 U.S.C. 112, second paragraph for various 
informalities. Applicant has endeavored to amend the claims to overcome the Examiner's 
grounds for rejection, and therefore request that the rejection be withdrawn. In particular, 
Applicant has amended claim 1 to state that the route information is received from 'at least one 
other' member. Applicant has amended the specification to clearly show that a registration 
request is forwarded to the S/R at step 100, Figure 4, which does not add any new matter to the 
language which already stated 'when a member registers with the S/R. . . ' With regards to claims 
7, 8 and 9, Applicant is unclear as to the Examiner's rejection, as it is understood that the claims 
are read in conjunction with the specification; should support be found in the specification, as 
indicated by the Examiner, it is unclear as to the basis for the Examiner's rejection. Applicant 
appreciates that the Examiner later applies a 101 rejection to the claims, and perhaps that is the 
reason for the additional application of the 1 12, second paragraph rejection. Applicant has 
amended the claim to overcome the 101 rejection, as described below. Applicant has amended 
claim 10 to remove the term 'another.' Claims 1 1-13 have been amended to correct antecedent 
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issues associated with 'routing information.' Applicant has amended claim 14 to indent the 3 rd 

and 4 th paragraphs in an attempt to remedy clarity issues identified by the Examiner. 

Accordingly, in view of these amendments, it is requested that the rejection of the claims 
under 35 U.S.C. 1 12, second paragraph, be withdrawn. 

Rejections under 35 U.S.C. 101. 

Claims 7-9 and 14-17 were rejected under 35 U.S.C. 101 as directed to non-statutory 
subject matter. Claims 14-17 have been cancelled. Applicant has endeavored to amend the 
claims to overcome this ground of rejection. It is therefore requested that the rejection be 
withdrawn. 

Rejections under 35 U.S.C. 102 

Claims 1-3, 7 and 9-15 were rejected under 35 U.S.C. 102(e) as being anticipatd by 
Hanzlik et al. US20040044891 Al. 

Hanzlik: 

Hanzlik describes a method for implementing a virtual private group network. The 
method includes creating a virtual private group definition on a policy server, establishing a 
plurality of secure connections between the policy server and a plurality of group nodes, sending 
a copy of the virtual private group definition from the policy server to the group nodes, sending a 
shared traffic encryption key from the policy server to each of the group nodes, and sharing 
secure communication information among the group nodes using the shared traffic encryption 
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key, wherein each group node is included in the virtual private group definition. (Hanzlik, 
Abstract). 

The Examiner states Hanzlik discloses the step of 'reflecting route information' in his 
teaching of 'forwarding a membership list' to members of the group. Applicant would 
respectfully disagree that Hanzlik teaches 'reflecting route information' through the mere 
identification of IP addresses of the group. The route information of the present invention 
comprises more than just the IP addresses of members of the group; rather, the route information 
provided is sufficient to enable the devices to determine the appropriate paths between 
autonomous systems. Thus Applicant has amended the claim to more clearly recite that the 
'routing information' identifies a border router that should be used as the next hop to the at least 
one member of the group. No teaching or suggestion of such a limitation is shown or suggested 
by Hanzlik. Accordingly, for at least the reason that Hanzlik neither describes nor suggests such 
a limitation, it is requested that the rejection of the claims be withdrawn. 

Rejections under 35 U.S.C. $103 

Claims 4-6, 8 and 16-17 were rejected under 35 U.S.C. §103 as being unpatentable over 
Hanzlik in view of Mukherjee (U.S. Application 2004/0006708). 

Mukherjee 

Mukherjee teaches, in the Abstract ". . .A method for providing peer-to-peer virtual 
private network (P2P-VPN) services over a network. The method includes identifying subnet and 
host addresses for each user device requesting participation in a virtual private network (VPN) 
session. Once the subnet and host addresses are identified, a virtual private host (VPH) is 
initiated for each user device, where each VPH communicates with each user device via a 
respective tunnel through the network, thereby enabling secure communications between the user 
devices..." 
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It is noted that Mukherjee also neither describes nor suggests the exchange of secured 
"... 'routing information' identifies a border router that should be used as the next hop to the at 
least one member of the group. . ." Thus, Mukherjee fails to remedy the inadequacies of Hanzlik 
with regard to the parent independent claims. Accordingly, dependent claims 4-6 and 8 are 
allowable for at least the reason that they serve to add further limitations to an allowable base 
claim. 
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Conclusion: 

Applicants have made a diligent effort to place the claims in condition for allowance. 
However, should there remain unresolved issues that require adverse action, it is respectfully 
requested that the Examiner telephone Applicants' Attorney at the number listed below so that 
such issues may be resolved as expeditiously as possible. 

For these reasons, and in view of the above amendments, this application is now 
considered to be in condition for allowance and such action is earnestly solicited. 



Respectfully Submitted, 
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